CVE-2012-4985 | HackTesting

The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ICMP traffic from unrecognized clients, which allows remote attackers to conduct ARP poisoning attacks via crafted packets.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/80284

http://www.reactionpenetrationtesting.co.uk/forescout-nac-icmp-arp.html

http://www.securityfocus.com/bid/56689

http://osvdb.org/87895